Identifying Potential Malicious Attacks, Threats, and Vulnerabilities

We have been engaged in business for some time, and have been very successful, however we need to re-examine our network configuration and infrastructure and identify that our network defenses are still reliable, before we make any changes. We need to take a hard look at our current configuration of host, services and our protocols within our organization. Data from a large number of penetration tests in recent years show most corporate networks share common vulnerabilities. Many of these

Another threat is Phishing, it is the fraudulent practice of sending emails pretending to be from reputable companies in order to lure individuals to reveal personal information, such as passwords and credit card numbers.

In this report I will be describing the ways in which networks can be attacked, also be giving real life example of each of the below.

WEP is an older security protocol for wireless networks that encrypts transmitted data. WEP uses a security code chosen during configuration called a WEP key, which uses a sequence of hexadecimal digits. WEP keys can be formed in different lengths depending on the type of WEP encryption being utilized. However it is generally not recommended to use WEP especially when we’re talking about networks that need more advanced security. The biggest disadvantage found with WEP is really it’s main weakness, a skilled hacker could actually crack the security key within a matter of minutes using special software.

I previously identified several types of attacks, threats and vulnerabilities that exist with your multilayered network. I have now been charged with the responsibility of developing a strategy to deal with these risks as well as a plan to mitigate each risk to reduce the impact that each will have on your organization.

They exploit network design weaknesses such as sending ping requests to death, or establishing computationally heavy tasks such encryption and decryption of the victim. The attacks have become rampant because hackers have availed the attack tools to help adversaries bypass the weak security measures in place. The attacks can be direct or reflector (Kinicki, 2012).

Risk management is a key part of information security. Specific to the phishing attack protection, there are two major effects: fixing the missing controls of the system to reduce the vulnerabilities which may be used by phishing; Implement incident response policy to prevent and reduce further damage in case phishing attack successes.

Attackers attack the network by identifying a weak point in the network and create a network threat. There are four primary classes of threat: Unstructured Threats, Structured Threats, External threats and internal

There are twelve major ways technology threatens your online policy today. The first of these threats is phishing. According to Riva Richmond, phishing is a ploy to gain personal information that will help people to steal your identity. Hackers will send you fake e-mails that

Spam and Phishing are the two major types of email attacks. Organizations need to clearly understand what these terms mean in order to assess their impact and minimize their spread. Spam is unsolicited commercial e-mail. Phishing, on the other hand, uses legitimately looking emails that trick the receiver into giving out sensitive information (Boyle & Panko, 2015). Spam is the annoying email promising the reader to get rich, skinny, prettier etc. Most people are familiar with the Nigerian scam where a prince or oil tycoon wants to give up his fortune to the lucky

Technology vulnerabilities: according to Rufi (2006) TCP/IP protocols are naturally insecure, including HTTP, FTP and SMTP. The company run different versions of operating system on their servers and computers and all versions of Windows operating system have security problems that must be addressed. All equipment in the

Attack on a systems or network is defined on your network infrastructure. Attacker will first analyse network environment and collect information in order to take advantage of the existing open ports or vulnerabilities. It may include unauthorized access to company’s resources.

Governments, businesses and individuals are using the internet for day-to-day activities and any disruption can have devastating effects. This dependence on electronic information exchange, whilst having its positive side, also has a big negative with security issues. The ease at which a website or news portal can be attacked and taken down by almost any person with an internet connection is of huge concern. The various methods of electronic attacks which can take shape bring forward the subject of electronic warfare and how it impacts society. Various attacks can take place, although the distributed denial-of-service attack is the one of focus due to its eafse and its common appearance on the internet.

A threat is generally defined as an object, person, or other entity that represents a constant danger to an asset. Sans described threat as “anything that would contribute to the tampering, destruction or interruption of any service or item of value”. Threats possessed to an organization or business generally aim at identity theft, financial fraud, data breach causing loss to company’s asset. Fraud tricks can be applied on online user to gain knowledge about password username mother’s maiden name birthdate etc. These information are enough to fraud into ones bank account or create a new identity. In an open WiFi zone several computers can be hacked using hacking tools. The system can even be hacked using Bluetooth technology.

However, some employees may suffer advanced phishing attacks too. Since we were using a complete official domain